Total
262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52355 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-02-27 | N/A | 7.5 HIGH |
| An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB. | |||||
| CVE-2025-61145 | 1 Libtiff | 1 Libtiff | 2026-02-25 | N/A | 5.0 MEDIUM |
| libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. | |||||
| CVE-2025-61144 | 1 Libtiff | 1 Libtiff | 2026-02-25 | N/A | 7.3 HIGH |
| libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. | |||||
| CVE-2025-61143 | 1 Libtiff | 1 Libtiff | 2026-02-25 | N/A | 5.5 MEDIUM |
| libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. | |||||
| CVE-2024-7006 | 2 Libtiff, Redhat | 5 Libtiff, Enterprise Linux, Enterprise Linux For Arm 64 and 2 more | 2025-11-03 | N/A | 7.5 HIGH |
| A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service. | |||||
| CVE-2023-3618 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2025-11-03 | N/A | 6.5 MEDIUM |
| A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. | |||||
| CVE-2023-3316 | 1 Libtiff | 1 Libtiff | 2025-11-03 | N/A | 5.9 MEDIUM |
| A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. | |||||
| CVE-2023-2908 | 1 Libtiff | 1 Libtiff | 2025-11-03 | N/A | 5.5 MEDIUM |
| A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service. | |||||
| CVE-2023-26966 | 1 Libtiff | 1 Libtiff | 2025-11-03 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | |||||
| CVE-2023-26965 | 1 Libtiff | 1 Libtiff | 2025-11-03 | N/A | 5.5 MEDIUM |
| loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. | |||||
| CVE-2023-25433 | 1 Libtiff | 1 Libtiff | 2025-11-03 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV. | |||||
| CVE-2024-13978 | 1 Libtiff | 1 Libtiff | 2025-11-03 | 1.0 LOW | 2.5 LOW |
| A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2025-8851 | 1 Libtiff | 1 Libtiff | 2025-10-30 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2022-34266 | 2 Amazon, Libtiff | 2 Amazon Linux, Libtiff | 2025-09-30 | N/A | 5.5 MEDIUM |
| The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource. | |||||
| CVE-2025-8177 | 1 Libtiff | 1 Libtiff | 2025-09-11 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2015-7313 | 1 Libtiff | 1 Libtiff | 2025-08-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file. | |||||
| CVE-2022-3599 | 3 Debian, Libtiff, Netapp | 3 Debian Linux, Libtiff, Active Iq Unified Manager | 2025-05-07 | N/A | 5.5 MEDIUM |
| LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. | |||||
| CVE-2022-3598 | 3 Debian, Libtiff, Netapp | 3 Debian Linux, Libtiff, Active Iq Unified Manager | 2025-05-07 | N/A | 5.5 MEDIUM |
| LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. | |||||
| CVE-2022-3597 | 3 Debian, Libtiff, Netapp | 3 Debian Linux, Libtiff, Active Iq Unified Manager | 2025-05-07 | N/A | 5.5 MEDIUM |
| LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. | |||||
| CVE-2022-3570 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2025-05-07 | N/A | 7.7 HIGH |
| Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact | |||||